
Author Topic: DNS-321 FTP Vulnerability  (Read 16213 times)

r!ng0

  • Level 2 Member
  • **
  • Posts: 32
Re: DNS-321 FTP Vulnerability
« Reply #15 on: November 18, 2009, 07:55:53 PM »

Does anyone still use plain old FTP??? It sends passwords in open text, so it's not a great idea to open it to the world anyway. Use SFTP or FTP/SSL instead. Either way you do it, use non-standard 4-digit ports for this, as 21 is scanned by every security tool out there.
Logged

tfiveash

  • Level 2 Member
  • **
  • Posts: 87
Re: DNS-321 FTP Vulnerability
« Reply #16 on: November 18, 2009, 10:19:17 PM »

Unless I missed something the DNS-321 does not support SFTP or FTP/SSL.  All I have been able to find is plain FTP.  If you know how to do the other please let me know because I am not happy with the plain FTP.

Thanks,

Terry
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717
Re: DNS-321 FTP Vulnerability
« Reply #17 on: November 19, 2009, 05:22:00 AM »

I'm sure he's suggesting you install something like FunPlug and then load one of the secure FTP packages available.
Logged
Microsoft MVP - Windows Desktop Experience
Remember: Data you don't have two copies of is data you don't care about!
PS: RAID of any level is NOT a second copy.

r!ng0

  • Level 2 Member
  • **
  • Posts: 32
Re: DNS-321 FTP Vulnerability
« Reply #18 on: November 19, 2009, 07:41:44 PM »

Right. It doesn't support those. It's exactly my point. Personally I don't consider this NAS box (or any other device with an embedded OS other than one specifically designed for this purpose) safe enough to be exposed directly to the Internet. My solution is to use a dedicated server with regular security updates serving as secure FTP, WWW, mail and whatever else I need exposed to the outside. That's the only point that has ports forwarded to it through the router.
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717
Re: DNS-321 FTP Vulnerability
« Reply #19 on: November 20, 2009, 05:15:30 AM »

I agree without add-ons that the DNS-321/323 probably isn't safe to expose to the Internet.
Logged

tfiveash

  • Level 2 Member
  • **
  • Posts: 87
Re: DNS-321 FTP Vulnerability
« Reply #20 on: November 20, 2009, 08:09:18 AM »

I agree with you guys, but my problem is that I am not a guru with this add-on stuff. Would any of you guys who have done it give us novices a detailed outline on how to do it? When you start typing command line stuff I kind of get lost, and I have read the install procedure but it is written for people who have experience with Linux, which I do not. But if I have a list of things to follow I can do that. Any help would be appreciated.

Thanks,

Terry
Logged

JoeSchmuck

  • Level 3 Member
  • ***
  • Posts: 231
  • Retired Rocket Scientist
Re: DNS-321 FTP Vulnerability
« Reply #21 on: November 20, 2009, 03:45:11 PM »

Terry,
  Do a Google search for fun plug.  There are a few tutorials on this item and it's fairly easy.  I don't recall if R-Sync is part of it but if so, that would greatly help out your backup issue as well.

Oh, and even though I say it's easy, it still requires several hours of reading before you take the plunge.  Also, if you do want to try out fun plug, I recommend you remove your real hard drives, install a single test drive, load fun plug and test it out.  You can always put back your old drives.  Also save your configuration before you start.

-Joe
« Last Edit: November 21, 2009, 05:35:11 AM by JoeSchmuck »
Logged

r!ng0

  • Level 2 Member
  • **
  • Posts: 32
Re: DNS-321 FTP Vulnerability
« Reply #22 on: November 20, 2009, 06:52:06 PM »

I wouldn't recommend messing with the plug etc. for a novice user.
The simplest setup for a Windows person would probably be something like this:
- have a Windows machine on your network that you keep up to date with security patches etc. Ideally this would be a dedicated machine (even an old cheap low-power one would do). But you can also use your desktop or laptop if you leave them on. They're just under more risk of getting crap when browsing on the internet.
- set up this machine with a static IP address
- install FileZilla FTP server. It's a free secure server that supports all the stuff you can dream of.
- depending on how secure you want your shares inside your network, either leave it wide open on the DNS-321 or create a share for some user and remember its password.
- if you chose to protect the share with the password, create a user with the same name/password on the Windows box and make sure the FileZilla service runs as this user
- in FileZilla share this share as \\yournas\share (you cannot map it as a drive since the service would run even when no one has logged on).
- map ports on your router to this Windows machine.
You'll have to figure out which ports, especially if you want to run this in passive mode (that's where it becomes fun, especially with SSL stuff). I'd recommend opening some port like 7921 and mapping it to port 21 of your Windows box.

Now this is just an outline of the setup, but it would get you started. I ran something like this for years before I turned to a Linux server with a more serious setup.
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717
Re: DNS-321 FTP Vulnerability
« Reply #23 on: November 21, 2009, 06:41:47 AM »

One of the attractions of the NAS FTP is the low power operation.  Even a low power machine will use 100 watts. If you have the electric rates we do here in SE-PA, you can do the math.  I figure for a minimal configuration I'd be paying $13-14/mo; that's the price of a new NAS box in less than a year!

I think there are real benefits to solving this security issue for the DNS-321. :)
Logged

JoeSchmuck

  • Level 3 Member
  • ***
  • Posts: 231
  • Retired Rocket Scientist
Re: DNS-321 FTP Vulnerability
« Reply #24 on: November 21, 2009, 07:27:21 AM »

I fully agree with GRJ, it's nice to use as little power as possible if you can get away with it.

Again, check out fun plug.  It has secure FTP but when you first install it, the normal FTP in fun plug will be active.  The tutorials will have you disable that after you enable the secure FTP and test it out.  If you don't like fun plug, just delete the directory on the drive.

Let us know what you decide.

-Joe
Logged

r!ng0

  • Level 2 Member
  • **
  • Posts: 32
Re: DNS-321 FTP Vulnerability
« Reply #25 on: November 22, 2009, 06:05:01 PM »

I agree on power consumption, just trying to suggest alternatives to someone not likely messing around with the command line. BTW you can safely use a netbook for this sort of stuff, so power consumption should be much lower than a desktop.
Logged

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717
Re: DNS-321 FTP Vulnerability
« Reply #26 on: November 23, 2009, 05:33:12 AM »

> I agree on power consumption, just trying to suggest alternatives to someone not likely messing around with the command line. BTW you can safely use a netbook for this sort of stuff, so power consumption should be much lower than a desktop.

That presumes you already own a Netbook. ;)
Logged

D-Link Multimedia

  • Poweruser
  • Level 7 Member
  • **
  • Posts: 1066
    • D-link Systems, Inc.
Re: DNS-321 FTP Vulnerability
« Reply #27 on: November 23, 2009, 10:46:56 AM »

The DNS-321 should get the same treatment as the DNS-323 1.08 firmware on its FTP server, meaning TLS/SSL-only connections, passive port range configurations and any other changes I missed. I just can't give an ETA on that =P.
Logged
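
A way to check for the "TLS/SSL only" behaviour mentioned in the reply above, on a server you administer. This is an added example, not part of the thread and not D-Link or FileZilla code. It assumes a server that enforces TLS refuses `USER` before `AUTH TLS`; the user name `tlscheck` and the sample transcripts are constructed.

```python
import io
import socket

def read_reply(rfile):
    """Read one FTP reply (single or multi-line, RFC 959); return (code, text)."""
    first = rfile.readline().decode("latin-1").rstrip("\r\n")
    if len(first) < 3 or not first[:3].isdigit():
        raise ValueError(f"not an FTP reply: {first!r}")
    lines, code = [first], first[:3]
    if first[3:4] == "-":  # multi-line reply ends at "<code><space>"
        while True:
            raw = rfile.readline()
            if not raw:
                raise ValueError("connection closed inside multi-line reply")
            lines.append(raw.decode("latin-1").rstrip("\r\n"))
            if lines[-1].startswith(code + " "):
                break
    return int(code), "\n".join(lines)

def classify(feat_text, user_code):
    """Map the FEAT listing and the reply to a pre-TLS USER onto a policy."""
    offers_tls = any(l.strip().upper().startswith("AUTH") for l in feat_text.splitlines())
    plaintext_ok = user_code in (230, 331)  # logged in / asks for a password
    if plaintext_ok:
        return "tls-optional" if offers_tls else "plaintext-only"
    return "tls-required" if offers_tls else "login-refused"

def probe(rfile, send):
    """Run the check over an open control channel. Never sends a password."""
    read_reply(rfile)                       # 220 banner
    send(b"FEAT\r\n")
    _, feat = read_reply(rfile)
    send(b"USER tlscheck\r\n")              # placeholder user name (assumption)
    code, _ = read_reply(rfile)
    send(b"QUIT\r\n")
    return classify(feat, code)

def probe_host(host, port=21, timeout=10):
    """Live variant: same check against a server you administer."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        return probe(sock.makefile("rb"), sock.sendall)

# Constructed server transcripts (banner, FEAT reply, USER reply), not captures.
PLAIN_ONLY = b"220 ready\r\n502 FEAT not implemented\r\n331 Password required\r\n"
TLS_OPTIONAL = b"220 ready\r\n211-Features:\r\n AUTH TLS\r\n PROT\r\n211 End\r\n331 Password required\r\n"
TLS_ONLY = b"220 ready\r\n211-Features:\r\n AUTH TLS\r\n PROT\r\n211 End\r\n530 TLS required\r\n"

def demo():
    return [probe(io.BytesIO(t), lambda b: None) for t in (PLAIN_ONLY, TLS_OPTIONAL, TLS_ONLY)]
```

A result of `tls-optional` means the server advertises TLS but still accepts a cleartext login, so a client that never issues `AUTH TLS` sends its password in the open.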

gunrunnerjohn

  • Level 11 Member
  • *
  • Posts: 2717
Re: DNS-321 FTP Vulnerability
« Reply #28 on: November 23, 2009, 11:30:16 AM »

That's good news, I'd like secure connections on the box.
Logged

JoeSchmuck

  • Level 3 Member
  • ***
  • Posts: 231
  • Retired Rocket Scientist
Re: DNS-321 FTP Vulnerability
« Reply #29 on: November 23, 2009, 04:28:21 PM »

DLM,
  Can you also include a faster processor and more RAM in the next firmware update?  ;D

Hey, seriously, I'm glad TLS/SSL will be included in the next firmware update.
Logged